TOGAF: Risk Management

From Glitchdata
Jump to navigation Jump to search

There are two levels of risk that should be considered, namely:

  1. Initial Level of Risk: Risk categorization prior to determining and implementing mitigating actions.
  2. Residual Level of Risk: Risk categorization after implementation of mitigating actions (if any).

The process for risk management is described in the following sections and consists of the following activities:

  1. Risk classification
  2. Risk identification
  3. Initial risk assessment
  4. Risk mitigation and residual risk assessment
  5. Risk monitoring

Risk Classification

Risk Identification

Initial Risk Assessment

Risk Mitigation and Residual Risk Assessment

Risk Monitoring and Governance

Related to Phase G

Related ADM Guidelines & Techniques